The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall
by Peter Hansteen

From the product description:

Quote:

OpenBSD's stateful packet filter, PF, offers an amazing feature set and support across the major BSD platforms. Like most firewall software though, unlocking PF's full potential takes a good teacher. Peter N.M. Hansteen's PF website and conference tutorials have helped thousands of users build the networks they need using PF. The Book of PF is the product of Hansteen's knowledge and experience, teaching good practices as well as bare facts and software options...

Quick caveat -- I am primarily a FreeBSD guy. Since I started with FBSD, I've been using IPFW, which is a very excellent (if not uber complex) firewall implementation.

All that said, this book is the reason I decided to start using the (ported) FreeBSD PF. It's a great supplement to the faq/pf provided by the OBSD folks. The book is short, methodical, and contains relevant examples to get one up to speed on PF usage. It's also inexpensive.

To be honest, I read through the entire book by visiting a bookstore cafe several times. (Yes, I know that is not nice.) That may provide some idea as to how quick and readable this book is.

The book format is nice if you want to get the most of pf quickly but if you have the time read the faq on the website it gives an overall view on pf and then read the man pages (pf pfctl pf.conf...) and you'll pretty much get all the details.

...if you have the time read the faq on the website it gives an overall view on pf...

The OpenBSD Website will only chronicle the latest version of PF found in the latest OpenBSD release. For those using FreeBSD or NetBSD, the Website's information may not be compatible with the version of PF installed because FreeBSD & NetBSD have older versions of PF ported to their platforms.

Quote:

...and then read the man pages (pf pfctl pf.conf...) and you'll pretty much get all the details.

Agreed. The manpages installed on each platform should be definitive for the version of PF installed.